1,105,395 Community Members

Session Management and Login Validation PHP

Member Avatar
PriteshP23
Posting Whiz in Training
206 posts since Oct 2012
Reputation Points: 0 [?]
Q&As Helped to Solve: 0 [?]
Skill Endorsements: 6 [?]
 
0
 

I would like to solved out the SESSION part in ALL files. SESSION is not working properely anymore. In addition, i need to solved out the javascript errors.

Objective is to access the dashboard.php and other pages from LOGIN.php and CREATEACCOUNT.php WITH validation and SESSION. There are two files: login.php and createaccount.php, from which user comes to dashboard.php in both cases.

When user forgot the password, i need to send password by email AND save new password into the database. I have used md5 method. Please let me know password recovery by email. I have tried so many times to manage ALL the things. It is not working in expected manner.

// js.js
function validateForm()
{
    var testemail=document.forms["SignIn"]["txtEmail"].value;
    var atpos=testemail.indexOf("@");
    var dotpos=testemail.lastIndexOf(".");
    if (atpos<1 || dotpos<atpos+2 || dotpos+2>=testemail.length)
    {
        alert("Enter Valid Email");
        return false;
    }
    var testpwd=document.forms["SignIn"]["pwd"].value;
    if (testpwd==null || testpwd=="")
    {
        alert("Password must be filled out");
        return false;
    }  
    if(testpwd.length<6)
    {
        alert("Length must be >=6 "); 
        return false;
    }
}

function validatenewuser() 
{
    var testemail=document.forms["SignUp"]["txtEmail"].value;
    var atpos=testemail.indexOf("@");
    var dotpos=testemail.lastIndexOf(".");
    if (atpos<1 || dotpos<atpos+2 || dotpos+2>=testemail.length)
    {
        alert("Enter Valid Email");
        return false;
    }

    var testpassword=document.forms["SignUp"]["pwd"]["cnfmpwd"].value;
    var password = document.getElementById(pwd).value;
    var confirmpassword = document.getElementById(cnfmpwd).value;
    if (password == confirmpassword) 
    {
        alert("Password Match..!!");
        return false;
    } 
    else 
    {
        alert("Verify your password");
        return false;
    }
}

=================================================================================
//createaccount.php

<form method="post" name="SignUp" action="" onSubmit="return validate_newuser();">                   
    <table>
        <tr>
        <td> Your email address: </td>
        <td> <input type="text" id="txtEmail" name="txtEmail" required="required" /> </td>
        </tr>
        <tr>
        <td> Choose your Password: </td>
        <td> <input type="password" id="pwd" name="pwd" required="required" /> </td>
        </tr>
        <tr>
        <td> Confirm Password: </td>
        <td> <input type="password" id="cnfmpwd" name="cnfmpwd" required="required" /> </td>
        </tr>                    
    </table>
    <input type="submit" class="btnLogin" value="OK" style="display:inline-block; font-weight:bold; font-size:12px; margin-left:350px;" />
</form>          
=================================================================================
//login.php

<form method="post" name="SignIn" action="" onSubmit="return validateForm();">                           
    <table>
        <tr>
        <td> Enter your Email: </td>
        <td> <input type="text" name="txtEmail" /> </td>
        </tr>
        <tr>
        <td> Enter your Password:  </td>
        <td> <input type="password" name="pwd" autocomplete="off" /> </td>
        </tr>                
    </table>         
    <input type="submit" class="btnLogin" value="Go" style="display:inline-block; font-weight:bold; font-size:12px; margin-left:350px;" />

</form>  

=================================================================================
//dashboard.php  +  There are other pages like configure.php and profile.php

<?php
    session_start();
    include "config.php";  
    include kSERVERPATH."init.php";
?>
<html>
    <head>
        <script type="text/javascript" src="js.js" media="all" /></script>
    </head>
<body>

<?php
    $CON // connection works

    $txtEmail=$_POST['txtEmail'];
    $pwd=$_POST['pwd'];
    $cnfmpwd=$_POST['cnfmpwd'];
    $encrypt_password=md5($pwd);

    $query = " SELECT * FROM `users` WHERE `email` = '".$txtEmail."' ";
    $result = mysql_query($query);
    $NumResponse = mysql_num_rows($result);

    if($NumResponse>0)
    {
        echo "<script type='text/javascript'>\n";
        echo "alert('Already Registered..!! )\n";
        echo "</script>";
    }
    else if($pwd==$cnfmpwd)
    {          

        $query = "INSERT INTO `busyexpe`.`users` (`id_user`, `email`, `ref_lang`, `password`, `date_creation`, `date_updated`,          `pwdResetDate`) VALUES (NULL, '".$txtEmail."', '1', '".$encrypt_password."', NOW(), NOW(), NOW());" ;       
        $result = mysql_query($query) or die(mysql_error());;
        echo "<script type='text/javascript'>\n";
        echo "alert('Your account has been succesfully created..!!')\n";
        echo "</script>";
    }

=================================================================================

//logout.php

<?php
    session_start();
    session_destroy();
    header("Location: index.php");
?>

Thanks in advanced.

Member Avatar
phorce
Veteran Poster
1,016 posts since Jul 2011
Reputation Points: 119 [?]
Q&As Helped to Solve: 133 [?]
Skill Endorsements: 29 [?]
Featured
 
0
 

What doesn't "work" you need be more specific!

Questions / points:

1) Does this even execute?

$CON // connection works

2) Don't use mysql_* these commands are being depreciated.

3) Where do you set the sessions? For example:

<?php
    session_start();
    $_SESSION['Phorce'] = "Phorce";


    echo "User: " . $_SESSION['Phorce'];

    session_destroy();

    echo "User: " . $_SESSION['Phorce'];

4) In "logout.php" if you want to destroy a session, why are you creating a new session just to destroy it? You create the session at the beginning of your script.

LastMitch
Deleted Member
 
0
 

@PriteshP23

Objective is to access the dashboard.php and other pages from LOGIN.php and CREATEACCOUNT.php WITH validation and SESSION. There are two files: login.php and createaccount.php, from which user comes to dashboard.php in both cases.

I think it has something to do with your <form> that has javascript in it.

You really shouldn't combine javascript with php like that.

Member Avatar
PriteshP23
Posting Whiz in Training
206 posts since Oct 2012
Reputation Points: 0 [?]
Q&As Helped to Solve: 0 [?]
Skill Endorsements: 6 [?]
 
0
 

@phorce

  1. $CON // I mean to say i have successfully connected with database. It is not executable.

  2. I will chage it.

  3. I am not sure for SESSION logic.

  4. I will put only session_destroy(); header("Location: index.php"); in logout.php

Please correct the code. Thanks in advanced.

Member Avatar
PriteshP23
Posting Whiz in Training
206 posts since Oct 2012
Reputation Points: 0 [?]
Q&As Helped to Solve: 0 [?]
Skill Endorsements: 6 [?]
 
0
 

@LastMitch

If you have ANY idea, do modification IN my code. I need urgent help in order to get the result.

Member Avatar
PriteshP23
Posting Whiz in Training
206 posts since Oct 2012
Reputation Points: 0 [?]
Q&As Helped to Solve: 0 [?]
Skill Endorsements: 6 [?]
 
0
 

@LastMitch
@phorce

I need your urgent help. Please let me know IF you have find mistake or another way to do so.

Member Avatar
phorce
Veteran Poster
1,016 posts since Jul 2011
Reputation Points: 119 [?]
Q&As Helped to Solve: 133 [?]
Skill Endorsements: 29 [?]
Featured
 
0
 

@PriteshP23 - We have our own lives, and, we choose to help people. It is rude (and probably against the rules) to demand you want your code looking at and fixing. You haven't even told us what is going wrong (What are the error messages? If any..)

NOTE: We don't have your server, nor access to your database and we are not compilers / intepreters that can just read through your code and process it. TELL US what is going wrong with the code.

Member Avatar
PriteshP23
Posting Whiz in Training
206 posts since Oct 2012
Reputation Points: 0 [?]
Q&As Helped to Solve: 0 [?]
Skill Endorsements: 6 [?]
 
0
 

@phorce

I am sorry if i had demanded and take your more time.

I have already mentioned that there is a problem in SESSION & JavaScript. It is not displaying error. IF it has other errors, i had already put it with my code.

I would like to know my mistake when i tried to create a session. Nothing else i required.

LastMitch
Deleted Member
 
0
 

@PriteshP23

I am sorry if i had demanded and take your more time.

Like what phorce say regarding about members fixing codes.

It's a big No-No to demand members to fixed your code!

You really shouldn't post a another thread regarding about this issue:

http://www.daniweb.com/web-development/php/threads/446743/php-session-help

I find that very rude.

Member Avatar
varma51
Newbie Poster
19 posts since Jul 2012
Reputation Points: 0 [?]
Q&As Helped to Solve: 2 [?]
Skill Endorsements: 0 [?]
 
0
 

in login.php there is no php code.just you are doing validation in javascript.
But You are saving the Register people data in database.but u r nt comparing the input email & password values with saved values from database..then how u r redirecting the user to dashboard .php

Member Avatar
PriteshP23
Posting Whiz in Training
206 posts since Oct 2012
Reputation Points: 0 [?]
Q&As Helped to Solve: 0 [?]
Skill Endorsements: 6 [?]
 
0
 

@varma51

The thing is SESSION is not working. I have created session when user comes to dashboard.php page. I THINK Login page has nothing to do with session (php code).

I got the error:

Notice: Undefined index:

Member Avatar
phorce
Veteran Poster
1,016 posts since Jul 2011
Reputation Points: 119 [?]
Q&As Helped to Solve: 133 [?]
Skill Endorsements: 29 [?]
Featured
 
0
 

@PriteshP23 How do you expect SESSION to work, when you initialise a session, but, don't actually define anything as a session?

Member Avatar
PriteshP23
Posting Whiz in Training
206 posts since Oct 2012
Reputation Points: 0 [?]
Q&As Helped to Solve: 0 [?]
Skill Endorsements: 6 [?]
 
0
 

I have to SET session. That was missing in my code. Thank you all for your time and help..!!

<?php
if(isset ($_POST['form_action3'])){
        if  ($_POST['register']=="register_me")
        {
            $txtEmail = $_POST['form_action'];
            $pswd = $_POST['pswd'];
            $cnfmpswd = $_POST['cnfmpswd'];
            $encrypt_password = md5($pswd);

            $query = "";
            $result = mysql_query($query);
            $NumResponse = mysql_num_rows($result); 
            if($NumResponse>0)
            {
                echo "<script type='text/javascript'>\n";
                echo "alert('Already Registered..!! )\n";
                echo "</script>";
            }
            else{  
                $query = "";        
                $result = mysql_query($query) or die(mysql_error());;
                echo "<script type='text/javascript'>\n";
                echo "alert('Your account has been succesfully created..!!')\n";
                echo "</script>";
                include "dashboard.php";
            }
        }
    }   
?>

<body>
<form method="post" name="SignUp" action="" onSubmit="return validatenewuser();">                    
    <div class="divLogin">
    <table>
    <tr>
    <td> Your email address: </td>
    <td> <input type="text" id="form_action" name="form_action"  required="required" /> </td>
    </tr>
    <tr>
    <td> Choose your Password: </td>
    <td> <input type="password" id="pswd" name="pswd" required="required" /> </td>
    </tr>
    <tr>
    <td> Confirm Password: </td>
    <td> <input type="password" id="cnfmpswd" name="cnfmpswd" required="required" /> </td>
    </tr>                    
    </table>
    </div>

    <br /><div id="message">Nothing else required.</div><br />
    <input type="hidden" name="register" value="register_me" />

    <input type="submit" class="btnLogin" name="form_action3" value="OK" />

</form>          

</body>
Question Answered as of 1 Year Ago by phorce, LastMitch and varma51
You
This question has already been solved: Start a new discussion instead
Post:
Start New Discussion
View similar articles that have also been tagged: